Smart Lock Vendors Under Fire For Collecting Too Much Private Data

from the brave new world dept

Like most internet of broken things products, we’ve noted how “smart” door locks often aren’t all that smart. More than a few times we’ve written about smart lock consumers getting locked out of their own homes without much recourse. Other times we’ve noted how the devices simply aren’t that secure, with one study finding that 12 of 16 smart locks they tested could be relatively easily hacked thanks to flimsy security standards, something that’s the primary feature of many internet of broken things devices.

One such vendor, Latch, has increasingly had its products used by landlords eager to simply access to their properties and sell the technology as an advantage. That hasn’t gone over all that well in New York City, where some residents have sued their landlords over the use of the locks, which many residents found cumbersome and difficult to use. Latch at the time reached out to us to note this shouldn’t be a major obstacle, since users have the option of a smartphone app, a door code, and a physical key card to access their properties.

But there’s another issue that has popped up regarding these products: the amount of data many smart locks are collecting and doling out to property managers. Privacy experts, for example, say the company’s terms of service are overly broad, allowing the sharing of too much data with valued partners and landlords:

“Smart locks can be a great convenience and even privacy-enhancing for residents by allowing them to change codes when they wish or to allow one-time entry by a service provider, but they need strict privacy design and information governance to ensure they don’t cause more harm than good,” Jules Polonetsky, CEO of the Future of Privacy Forum, a nonprofit advocating for principled data practices in support of emerging technologies, tells OneZero. “[Latch’s] privacy policy allows some uses I would urge them to reconsider.”

Latch says it’s currently reviewing its privacy practices and revising its privacy policy “to remove any possible ambiguity and to make our strong record of privacy protection crystal clear.” (Update: Latch told Techdirt the company never captures, stores or uses GPS location data of users, and does not share users’ personal data with third parties for marketing purposes or monetize that data.) The problem, of course, is that with few privacy guidelines and many napping regulators, there’s not much really ensuring that smart lock companies (any companies, really) are following through on their promises. And as company ownership (especially in startup culture) changes, these policies can shift on a dime. In some cases that can even result in your product not working if its servers get shut down.

Many of these issues have also popped up increasingly in the realm of smart electricity meters, which can provide utilities with an unprecedented amount of detail regarding your daily habits, ranging from which appliances you most frequently use, how long you’re home, and when you’re not. The EFF has argued that this data should be protected by the Fouth Amendment, given 65 million of the devices have been installed in the United States over the last few years — 57 million of them in consumer homes.

It’s again a good example of how while everybody fixates on Facebook’s (admittedly terrible) privacy practices, it’s just one small part of a much larger problem that will soon go from bad to absurd. With your cell carrier, ISP, smart locks, electrical utility, and every IOT device in your home collecting data on every single move you make, it’s not hard to envision a future where every step you take is monitored and monetized (and often poorly secured), with little serious recourse for consumer rights. It’s a problem that’s still not taken particularly seriously, despite the threat of looming privacy legislation perched just over the horizon.

Filed Under: , , ,
Companies: latch

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Smart Lock Vendors Under Fire For Collecting Too Much Private Data”

Subscribe: RSS Leave a comment
5 Comments
Kevinsays:

"Smarthome" is not synonymous with IoT

Not all "smarthome" devices are inherently connected devices with their own IP address and cloud connectivity. For your own property you could choose a Zigbee or Z-Wave lock, and your privacy is as good (or bad) as the privacy of your Z-protocol hub. Even manage your smart devices using a non-internet connected solution if you choose.

Tenants, however, don’t get a choice.

Inherently these landlord-issued "smart" locks, like all smart devices, serve their true owner (Latch and, to a lesser extent, the landlord), rather than the tenant.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Report this ad??|??Hide Techdirt ads
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...
Loading...
Older Stuff
12:25 Australian Privacy Commissioner Says 7-Eleven Broke Privacy Laws By Scanning Customers' Faces At Survey Kiosks (6)
10:50 Missouri Governor Doubles Down On 'View Source' Hacking Claim; PAC Now Fundraising Over This Bizarrely Stupid Claim (45)
10:45 Daily Deal: The All-in-One Microsoft, Cybersecurity, And Python Exam Prep Training Bundle (0)
09:43 Want To Understand Why U.S. Broadband Sucks? Look At Frontier Communications In Wisconsin, West Virginia (8)
05:36 Massachusetts College Decides Criticizing The Chinese Government Is Hate Speech, Suspends Conservative Student Group (71)
19:57 Le Tigre Sues Barry Mann To Stop Copyright Threats Over Song, Lights Barry Mann On Fire As Well (21)
16:07 Court Says City Of Baltimore's 'Heckler's Veto' Of An Anti-Catholic Rally Violates The First Amendment (15)
13:37 Two Years Later, Judge Finally Realizes That A CDN Provider Is Not Liable For Copyright Infringement On Websites (21)
12:19 Chicago Court Gets Its Prior Restraint On, Tells Police Union Head To STFU About City's Vaccine Mandate (158)
10:55 Verizon 'Visible' Wireless Accounts Hacked, Exploited To Buy New iPhones (8)
10:50 Daily Deal: The MacOS 11 Course (0)
07:55 Suing Social Media Sites Over Acts Of Terrorism Continues To Be A Losing Bet, As 11th Circuit Dumps Another Flawed Lawsuit (11)
02:51 Trump Announces His Own Social Network, 'Truth Social,' Which Says It Can Kick Off Users For Any Reason (And Already Is) (100)
19:51 Facebook AI Moderation Continues To Suck Because Moderation At Scale Is Impossible (26)
16:12 Content Moderation Case Studies: Snapchat Disables GIPHY Integration After Racist 'Sticker' Is Discovered (2018) (11)
13:54 Arlo Makes Live Customer Service A Luxury Option (8)
12:05 Delta Proudly Announces Its Participation In The DHS's Expanded Biometric Collection Program (5)
11:03 LinkedIn (Mostly) Exits China, Citing Escalating Demands For Censorship (14)
10:57 Daily Deal: The Python, Git, And YAML Bundle (0)
09:37 British Telecom Wants Netflix To Pay A Tax Simply Because Squid Game Is Popular (32)
06:41 Report: Client-Side Scanning Is An Insecure Nightmare Just Waiting To Be Exploited By Governments (35)
20:38 MLB In Talks To Offer Streaming For All Teams' Home Games In-Market Even Without A Cable Subscription (10)
15:55 Appeals Court Says Couple's Lawsuit Over Bogus Vehicle Forfeiture Can Continue (15)
13:30 Techdirt Podcast Episode 301: Scarcity, Abundance & NFTs (0)
12:03 Hollywood Is Betting On Filtering Mandates, But Working Copyright Algorithms Simply Don't Exist (66)
10:45 Introducing The Techdirt Insider Discord (4)
10:40 Daily Deal: The Dynamic 2021 DevOps Training Bundle (0)
09:29 Criminalizing Teens' Google Searches Is Just How The UK's Anti-Cybercrime Programs Roll (19)
06:29 Canon Sued For Disabling Printer Scanners When Devices Run Out Of Ink (41)
20:51 Copyright Law Discriminating Against The Blind Finally Struck Down By Court In South Africa (7)
More arrow